The Heartbreaking Truth About Online Dating Privacy

San Francisco - Millions of people use Internet dating sites to search for love and connection every day, but it could come a big cost for their privacy and security. The Electronic Frontier Foundation (EFF) has found that many services are taking shortcuts in safeguarding users' profiles and other sensitive data.

In "Six Heartbreaking Truths About Online Dating Privacy," EFF identifies serious security holes and counter-intuitive privacy settings that could expose daters' private information. For example, your dating profile – including your photo – can hang around long after you think you've taken yourself off the market. Some sites are also sucking up the vast quantity of data their users share and selling it to online marketers. If you aren't careful, your profile can also be indexed by Google, perhaps popping up in search results if you have an unusual nickname or other unique ways of describing yourself.

"Whether you signed up on a lark or maintained an active profile for years, you may be exposing more information about yourself than you know," said EFF Activism Director Rainey Reitman. "There are a number of ways your online dating profile can be connected to your real identity, exposing things like religious and political beliefs, drug and alcohol use, and sexual preferences. That's why we created this list of the biggest risks, and included some simple tips for online daters who want to protect themselves."

As part of its campaign to raise awareness about the privacy and security risks on popular online dating sites, EFF analyzed the security practices of eight major sites. Many of the most popular sites, like eHarmony and Match.com, don't offer secure access through HTTPS by default, and OkCupid doesn't provide HTTPS access at all. That means every OkCupid username, email, chat session, search, and page viewed are all transmitted in plaintext instead of in encrypted form.

"OkCupid says it can limit who sees your profile – for example, users who identify as gay or bisexual may opt out of being seen by straight people," said EFF Senior Staff Technologist Seth Schoen. "But without HTTPS, the fact that you identify as gay and don't want to be seen by some groups is sent in plaintext, making it easy for someone with the right skills to uncover it. Major sites like Twitter and Facebook have implemented HTTPS recently to protect their users. But dating sites like OkCupid are sadly lagging behind."

Related Updates

EFF sent California Gov. Jerry Brown a letter urging him to sign S.B. 31. This bill, authored by Sen. Ricardo Lara, would prevent state and local government in California from assisting the federal government in creating a registry based on religious belief, national origin, or ethnicity. All too...

In April 2017, Terry Spears shared his story with San Diego’s local public media station KPBS on what it’s like to be listed in the CalGang database. Even though Mr. Spears says he has never been in a gang, it hasn’t stopped law enforcement from harassing him, and he once...

Because the global Internet carries data acrossinternationalborders, police often seek digital evidence stored in another country. To obtain such cross-border data, police generally must gain approval from the government whose territory hosts the data, under an international web of Mutual Legal Assistance Treaties (MLATs)...

Since 2014, our digital security guide, Surveillance Self-Defense (SSD), has taught thousands of Internet users how to protect themselves from surveillance, with practical tutorials and advice on the best tools and expert-approved best practices. After hearing growing concerns among activists following the 2016 US presidential election, we pledged...

In the dead of night, the California Legislature shelved legislation that would have protected every Internet user in the state from having their data collected and sold by ISPs without their permission. By failing to pass A.B. 375, the legislature demonstrated that they put the profits of Verizon, AT&T, and...

As the days wind down for the California legislature to pass bills, transparency advocates have seen landmark measures fall by the wayside. Without explanation, an Assembly committee shelved legislation that would have shined light on police use of surveillance technologies, including a requirement that police departments seek approval from...

Now that California’s Broadband Privacy Bill, A.B. 375, is headed for a final vote in the California legislature, Comcast, Verizon, and all their allies are pulling out all the stops to try to convince state legislators to vote against the bill. Unfortunately, that includes telling legislators about made-up problems the...

Boston, Massachusetts—The Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU) sued the Department of Homeland Security (DHS) today on behalf of 11 travelers whose smartphones and laptops were searched without warrants at the U.S. border. The plaintiffs in the case are 10 U.S. citizens and...

Huge news for broadband privacy! A California bill that would restore many of the privacy protections that Congress stripped earlier this year is headed for a final vote this Friday, The bill, A.B. 375, had languished in the Senate Rules Committee due to the efforts of AT&T, Comcast, and...